►
From YouTube: 20190424 kubeadm office hours
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
A
B
Hi
everyone,
so
first
news
we
have
the
first
coupon
mean
upgrade
the
test
up
and
running,
and
can
you
can
you
hear
me?
Yes,
you
can
okay,
so
there
are
still
something
to
do
and
we
we
pray
me
and
for
me,
every
plane
at
the
next
week
to
do
what
they
know,
how
to
investigate
and
reproduce
locally
or
on
our
test.
That
can
be
useful
too,
for
everyone.
A
B
Or
D
necessary.
Yes,
we
found
the
to
stranger
issue,
one
related
to
Weaver,
and
we
are
following
up
with
issue
in
the
with
repo,
even
if
they
ask
us
to
reproduce-
and
it
is
not
easy
to
do
it,
but
we
will
follow
up
and
another
is
for
a
conformal
test
on
that
delegated
FBI.
That
is
failing,
but
we
are
not.
We
have
to
investigate
it
a
little
bit
so
before
next
week,
I
will
give
a.
We
will
give
a
picture
also
subscribe.
B
B
A
C
B
C
C
B
A
B
During
the
upgrade,
we
are
not
regenerating
search,
so
if
you
change
the
config
upgrade,
it
does
not
address
your
comment
in
the
certificate.
This
is
the
current
status.
They
renew
basically
does
not
look
at
at
the
config,
but
it
look
at
the
certificate
and
person
and
preserve
all
the
Sun
that
are
in
the
certificates,
but.
B
A
B
This
is,
unfortunately,
this
is
not
consistent,
because
now,
when
you
do
a
grave,
if
you
change
something
the
team
talks
to
the
manifest.
So
if
you
change
something
in
the
config
that
impact
the
manifest,
you
will
see
this
applied,
but
if
you
change
something
that
applies
to
the
certificate,
nothing
will
happen.
B
C
With
my
opinion,
so
I
can
give
an
example
scenario.
For
instance,
the
EDD
version
in
communities
between
multiple
minority
races
can
decide
to
stay
the
same
no
for
many
cycles,
and
this
means
that
the
mechanic
of
using
renewal
for
the
other
components
is
going
to
work,
but
not
for
its
CD
and
sorry.
So
if
we
have
a
way
to
force
the
renewal
as
well,
that's
our
other
option
here
like
for.
B
What
so,
if
we
look
to-
and
the
problem,
is
that
how
much
we
want
to
change
the
appropriate
workflow
now
that
the
control
flow,
if
the
component
have
the
same
version,
does
not
does
not
that
don't
do
nothing
and
included
that
the
certificate
renewal
changing
this
will
be
something
irrelevant.
What
I
was
thinking
about
was
that
we
can.
We
should
provide
a
command
that
allows
to
check
aspiration
of
certificates
and
treat
at
the
end
of
a
grade
print.
Something
about.
Please
verify
that
your
certificate
check
your
certificate
is
variation
and
so
on.
B
A
So,
okay,
there's
a
general
problem
like
a
person
wants
to
see
the
declare
like
it's
almost
like
spec
and
status
from
where
you
you
want
to
get
the
status,
but
not
just
to
the
certs.
The
source
is
one
aspect
of
this,
but
there's
multiple
things
that
we
might
have
declared
and
config,
where
you
want
to
see
what
we're
actually
what
was
actually
created
or
deployed,
and
what
the
state
of
it
is.
B
B
C
B
A
I
won't
change
the
policy,
I
think
I,
think
the
policy
is
fine,
I
think
I
think
the
internal
workflow
for
for
what
we
do
with
upgrades
doesn't
even
refine.
That
I
also
think
the
I
also
think
the
being
able
to
check
the
state
is
a
problem
because
of
this
is
a
common
function
of
wanting
to
know
when
your
services
certificates,
expire.
B
A
C
B
That
there
are
two
trauma,
so
we
have
a
cookie
mean
alpha
certain.
Yes,
some
common
okay.
Well,
there
is
re
new
stock
common,
but
and
what
this
common
F
to
do
is
something
that
we
have
to
discuss
the
last
point
of
the
list,
but
what
the
problem,
if
the
first
problem
is
what
and
download
the
certificate
renewals
should
have
been
inside
upgrades.
B
A
B
C
C
B
B
A
B
B
A
B
C
C
C
Basically,
they
claim
that
we
have
a
bunch
of
security
problems
that
I
think
that
we
can
discuss
in
terms
of
like
saying
that
hey
this
is
not
a
problem.
For
instance,
I.
Don't
think
that
the
complete
serving
search
being
self
scientist
a
problem,
but
this
box,
for
instance
the
metric
server
trying
to
scrape
the
couplet
as
a
server
and
things
like
that.
So
there's
a
long
discussion
there
in
terms
of
why.
A
A
D
This
is
actually
very
straightforward
and,
of
course,
it's
depending
on
the
PR
for
the
four
bit
Atul
and
like
my
only
point
here
like
for
discussion,
is
where
it
should
stay
with
a
single
option.
That's
called
certificate
key
in
not
registration
options
or
try
a
different
UX
approach
in
which
we
have
a
certificate
encrypt
key
in
its
configuration
and
then
in
John
control
plane,
which
is
a
subfield
of
John
configuration.
D
Probably
like
the
only
calm
of
like
the
only
difference
that
I
actually
find
between
these
two
is
basically
from
a
UX
standpoint,
so
the
second
one
may
be
a
little
bit
better
for
users
to
understand,
but
on
the
other
hand,
you
basically
have
to
put
this
key,
which
is
basically
the
same
key
for
encryption
and
decryption.
You
have
to
put
it
in
two
different
places:
well,
I'm,
not
registration
options,
it's
basically
the
same
spot,
it's
basically
symmetrical.
A
D
B
A
This
is
where,
like
software
engineers
versus
like
UX
of
users
might
diverge,
I
would
get
feedback
from
I.
Think
two
primary
stakeholders
would
be
Duffy
and
it
would
be
josh.
Josh
has
been
this
count.
Lettin
up
our
times
had
created
a
good
blog
post
on
the
EJ.
I
might
actually
reach
out
to
those
students
see
what
they
their
thoughts
are.
I
can't.
A
A
C
C
C
Bug-Fix,
oh
yeah,
so
this
is
this
is
a
small
one
sent
by
Chinese
contributor.
We
basically
there's
a
bug
in
our
validation
in
the
joint
configuration
related
to
discovery,
and
we
basically
say
that
there
is
a
failure.
While
there
is
no
failure
and
the
peer
is
already
merged.
My
question
here
is:
do
we
want
to
backport
this?
It's
not
working
in
any
way.
Just
though
we're
there
or
if.
A
D
A
C
C
A
C
C
and
also
in
general,
like
what
should
we
do
with
the
situation
on
Windows
notes,
because
it's
kind
of
complicated
and
I,
you
can
read
the
first
part
but
I'm
going
to
jump
right
to
the
cap,
which
is
at
the
bottom.
So
there
is
a
draft
it's
created
by
Microsoft,
contributor
and
I
copy.
Read
it
the
whole
thing
heavily
to
basically
comply
with
what
is
a
kick
as
much
as
I
know,
and
basically
the
important
points
here
like
Windows
was
added
as
Windows
containers
where
it
is
supported
in
GA
supported
in
114.
C
But
there
is
no
for,
like
the
consumer
to
the
point
on
Windows
the
boy
community's
a
Windows.
So
basically
they,
the
sick
windows
folks
want
cube
ATM
as
the
official
tool
for
that.
But
we
have
some
technical
limitations.
And
basically,
the
proposal
of
the
cap
here
is
to
get
this
in
some
sort
of
an
alpha
state
in
115
and
from
there
we
are
going
to
see
how
this
can
progress
in
the
future.
C
The
summary
motivation
are
clear,
so
some
goals
and
Longo's
here
that
basically
we
want
to
create
a
script.
The
script
is
going
to
be
used
for
a
couple
of
purposes,
so
download
the
artifacts
for
Windows
that
are
pre-built,
that
this
includes
Q
proxy
keep
car.
All
the
the
couplet
cube,
ATM
and
also
the
script
is
going
to
be
some
sort
of
a
wrapper
around
cube,
ATMs,
so
basically
download
and
execute
the
script.
The
script
is
going
to
download
artifacts
and
then
is
going
to
start.
C
The
cube
ATM
join
command
erupted
with
some
special
here
that
I'm
going
to
explain.
So
the
goal
is
to
support
cube
ATM
joining
cuban
a
cube
ATM
reset,
but
some
of
the
long
goals
is
to
install
this.
The
container
runtime
support,
control,
plane
mode
windows
and
joining
control,
plane
powers
as
well
also
something
patrick
and
I
discussed
today-
is
to
not
support
updates.
For
now
us.
C
A
C
A
C
C
C
So
basically
the
problem
there
is
that
there's
some
weird
space
between
the
windows,
condom
and
docker,
where
you
simply
cannot
run
on
the
privileged
container,
and
this
means
that
we
have
to
limit
queue
proxy
to
knock
the
boy
on
the
worker
nodes
at
all,
and
that
was
my
like
that.
My
first
PR
that
I
sent
that
we
put
a
hot.
B
Richard,
if
they
own
the
script,
yes,
if
they
want
to
aim
to
change,
cubed
mean
for
doing
this
staffing.
That
is
out
of
the
scope
that
we
have
on
Linux.
It
means
something
so
it
so
we
should
set
the
boundary
for
us.
Cubed
means
should
should
be
something
that
does
that
does
one
things
hopefully
well,
that
is
to
create
some
artifacts,
but
it
does.
It
should
not
care
about
everything
else.
Just
check
that
what
he
needs
is
in
place.
C
Yeah,
basically,
as
someone
who
is
co-writing,
the
scape
I
understand
the
scope
of
cube
a
diem,
and
one
of
my
main
goals
with
this
implementation
is
to
not
be
intrusive
in
terms
of
how
we
use
cube
ad
among
limits
already.
So
it's
not
the
responsibility
of
comedian
to
install
you
know
queue
proxy
Windows
service.
Instead,
what
they
even
said
we
only
support
daemon
set
so
that
that
is
the
purpose
of
the
wrapper
script
so
that
we
can
move
this
work
around
/
alternative
logic
outside
of
qadian.
C
D
These
grips
a
little
bit
clunky,
so
I
think
that
we
should
go.
We
should
not
go
the
disparate
way.
You
should
probably
like
have
Q
proxy
and
some
C
and
I
deployed
prior
to
actually
invoking
cube
a
DM
join.
So
basically,
we
should
simply
have
a
like
joint
check
that
Q
proxy
is
basically
running
as
that
we
do
service.
So
my
understanding
is
that
the
proxy
and
funnel
need
to
be
running
prior
to
actually
doing
anything
on
our
site.
C
It's
the
other
way
around.
We
we
can.
We
have
to
bootstrap
the
the
worker
load
first
and
then
it's
going
to
remain
in
normal,
ready
state
and
we
have
to
then
start
the.
Let
me
check
the
final
service
and
then
we
have
to
start
the
Q
proxy
service
and
then
the
node
is
going
to
become
ready
after
it.
You
know
the
connection
started
to
start
happening.
That's
this
is
according
to
the
the
Microsoft
developers
that
have
already
tested
it
cube,
ATM,
of
course,
yeah.
D
C
This
is
this
becomes
a
question
like.
Should
we
have
pre-fight
checks
for
this?
My
initial
response
is
no
because
this
logic
has
to
go
away
eventually
and
incubate
them.
If
we
are
editing
Q
medium,
you
know,
but
we
can
also
have
the
checks
from
the
script.
The
wrapper
script,
because
the
windows
with
the
command
to
windows
you
can
check
if
a
service
is
registered
and
if
it
started
this
I
mean
this
is
the
initial
proposal.
B
C
C
So
they
have
a
big
have
an
existing
page.
That
is
pretty
detailed.
We
told
these
cadets
and
somebody
from
Microsoft
is
already
signed
up
to
write
the
docs.
Once
we
have
an
implementation
ready,
but
it's
not.
The
docs
are
not
going
to
be
in
our
dogs,
lick
him
link
to
them
like
hey.
We
have
our
alpha
support,
but
all
the
dogs
are
going
to
reside
in
basically
in
the
Windows
dogs,
for
convenience
of
communities
and
yeah
should
I
proceed
with
the
example
user
story.
Here.
C
Yes,
please,
so
user
wants
to
join
a
machine,
they
have
to
download
the
binaries
using
scripts
after
executing
the
scripts.
We
register
proxy
I.
Don't
think
this
is
correct.
We
only
register
the
public
here,
keep
proxy
I
mean
flannel
can
be
registered
yeah.
We
we
haven't
decided
yet
how
and
when
we
should
register
everything,
because
everything
has
to
be
a
service
and
windows.
Services
are
kind
of
odd.
C
C
C
The
same
script
then
starts
flannel
I
mean
we
have
to
talk
about,
like
really
registering
the
services.
Where
is
the
correct
point
for
that
now?
Here
there
is
a
moment.
We
basically
once
cube
ATM
bootstraps
this
node
to
the
linux
control
plane
node.
We
may
have
to
fetch
some
configuration
using
the
bootstrap
client,
but
I
don't
think
this
boost.
Our
client
has
enough
privileges
to
fetch,
like
the
proxy
configure.
C
So
then
we
may
have
to
write
some
stuff
to
disk,
because
you
know
because
we
don't
have
a
proxy
demon
set.
We
now
are
managing
the
queue
peroxy
configuration
manually,
so
we
have
to
fetch
the
queue
proxy
config
from
the
cluster
write
it
to
disk,
modify
it
to
comply
with
Windows
and
then
start
the
queue
proxy
as
a
service
based
on
the
disk,
configuration
and
I
think.
The
same
applies
of
the
flatter
case,
like
the
flannel
on
the
Linux
Linux
node
has
to
be
fetched
or
written
to
disk.
C
C
C
D
Know
I
am
not
actually
quite
sure
that
you
need
that
comfort,
not
simply
because
it's
way
too
different,
it
was
created
for
from
like
a
Linux
machine
and
it
will
have
a
bunch
of
like
IP
tables
stuff
embedded
inside
it
and
not
the
the
windows
proxy
stuff,
so
I'm
not
sure
if
that
will
actually
be
be
feasible
to
use
at
all
or
simply
go
along
with
totally
different
config
nom.
So.
A
This
is
it's:
it's
super
weird,
as
we
start
to
get
component
config
matured
like
beyond
super
weird,
because
if
you
have
your
component
configuration
for
your
proxy
specified,
you
know
as
a
as
a
on
cluster
configuration
and
you
want
to
do
evil.
Do
a
recom
there's
going
to
be
some
weird
discrepancies,
because
it's
not
even
running
as
a
pod
and
they
can't
mount
the
conveying
in
the
different
yeah.
C
D
B
C
B
A
Just
when
we
parted
this
could
be
part
of
the
script
wrapping
right
like
if
you
it
can
do
a
separate
whatever
level
post,
Julie
grabbing
into
configuration
so
be
like
at
most
a
part
process.
First
part
join
is
dumb.
Second
part
join
is
like
a
coo
coo
cuddle,
something
to
cuddle,
get
something
from
somewhere.
That
has
the
appropriate
apples,
yeah.
C
C
B
C
A
C
C
C
This
is
basically
this.
These
are
implementation
details
we
have
to
like
abstract
systemd
away
from
qadian
because
currently
were
quite
bound
to
it,
and
you
know
that's
not
going
to
work
on
Windows
Sierras
detection.
We
talked
about
with
rose
and
it's
kind
of
different
to
what
we
support.
We
need
to
remove
secret
drivers.
A
A
Just
doesn't
make
sense
to
extract
the
details
for
Windows
and
Linux
for
this
behavior,
or
does
it
make
more
sense
to
have
like
a
committee
and
dash
W
and
just
like,
have
them
implement
their
own
and
just
mimic
the
behavior
like
if
you
just
mimic
the
behavior
you
care
about,
and
you
specifically
don't
even
include
all
the
other
flags.
You
don't
include
all
this
other
options
that
exist.
It's
a
very
turkey
similar
feel,
but
it's
managed
independently.
C
Was
thinking
about
something
similar,
we
create
a
new
command,
there
is
window
specific
and
we
basically
abstract
take
only
the
details.
We
care
about
from
the
correct
Linux
implementation
and
that's
work
that
also
work
on
Windows,
but
the
problem
is
that
the
the
couplet
currently
is
like
it's
so
bound
to
system
D
that
there
is
no
way
to
avoid
this.
These
particular
bits
and
these
about
the
flags
that
covereth
works
so
either
way
we
have
to
apply
this
refactor.
C
My
original
idea
was
to
avoid
the
separate
command
and
try
to
see
what
works
and
instruct
the
users
like
hey.
You
shouldn't
be
using
these
in
these
flags
because
they
don't
work
on
Windows,
but
that
was
my
initial
proposal.
We
might
want
to
go
this
way,
but
eventually,
in
the
long
run,
we
might
too
for
the
for
the
eventual
beater
support
or
something
like
that.
We
might
consider
the
the
command
that
completely
moves.
Windows
support
away
from
the
Linux
support.
D
That
this
is
basically
an
internal
fork
and
it
will
be
like
nightmare
to
manage
what
I
am
thinking
more
is
like
we're
doing
all
this
mumbo-jumbo.
In
order
to
like
overcome
the
disability
of
Windows,
to
support
containers
that
require
root.
Are
they
actually
thinking
of
adding
such
support
so
that
we
don't
need
to
Mike,
abstract,
away,
cube
proxy
and
stuff
like
that?
So
the
only
things
we'll
have
to
do
in
that
case
is
basically
abstract
away
system
tea
and.
C
So
this
this
we
have
to
do
anyway.
This
is
just
bad
the
couplet,
the
way
we
write
the
complete
Fox
in
terms
of
cube
proxy.
You
know
in
flannel
and
stuff
like
that
not
being
supported.
That's
a
big
problem.
It's
in
the
Linux
in
the
Windows
kernel,
so
I,
don't
think
this
is
going
to
happen
in
the
next
year
and
by,
but
we
also
the
only
change
we
need
to
make
with
regards
to
CNI
in
proxy.
Is
that
PR
that
I
sent
already
I?
Think
it's
here?